From 203bb5eef7a52416bff5c8d0afd17ec805b43fdd Mon Sep 17 00:00:00 2001 From: greycode Date: Sun, 28 Jul 2024 22:28:09 +0800 Subject: [PATCH 1/2] feat: support for make build --- Makefile | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 Makefile diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..3b5d508 --- /dev/null +++ b/Makefile @@ -0,0 +1,73 @@ +# Makefile to install dependencies and build the project for amd64 and arm64 architectures + +.PHONY: all install clean build_amd64 build_arm64 + +all: install detect-arch + +install: detect-distro + +detect-distro: + @if [ -f /etc/debian_version ]; then \ + $(MAKE) install_ubuntu; \ + elif [ -f /etc/fedora-release ]; then \ + $(MAKE) install_fedora; \ + elif [ -f /etc/arch-release ]; then \ + $(MAKE) install_arch; \ + elif [ -f /etc/alpine-release ]; then \ + $(MAKE) install_alpine; \ + elif [ -f /etc/centos-release ]; then \ + $(MAKE) install_centos; \ + else \ + $(MAKE) unsupported; \ + fi + +install_ubuntu: + sudo apt-get install -y pkg-config gcc libseccomp-dev + +install_fedora: + sudo dnf install -y pkgconfig gcc libseccomp-devel + +install_arch: + sudo pacman -S --noconfirm pkg-config gcc libseccomp + +install_alpine: + sudo apk add pkgconfig gcc libseccomp-dev + +install_centos: + sudo yum install -y pkgconfig gcc libseccomp-devel + +unsupported: + @echo "Unsupported distribution" + @exit 1 + +detect-arch: + @if [ "$$(uname -m)" = "x86_64" ]; then \ + $(MAKE) build_amd64; \ + elif [ "$$(uname -m)" = "aarch64" ]; then \ + $(MAKE) build_arm64; \ + else \ + @echo "Unsupported architecture"; \ + @exit 1; \ + fi + +clean: + rm -f internal/core/runner/python/python.so + rm -f internal/core/runner/nodejs/nodejs.so + rm -f /tmp/sandbox-python/python.so + rm -f /tmp/sandbox-nodejs/nodejs.so + +build_amd64: clean + @echo "Building Python lib for amd64" + CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -o internal/core/runner/python/python.so -buildmode=c-shared -ldflags="-s -w" cmd/lib/python/main.go + @echo "Building Nodejs lib for amd64" + CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -o internal/core/runner/nodejs/nodejs.so -buildmode=c-shared -ldflags="-s -w" cmd/lib/nodejs/main.go + @echo "Building main for amd64" + GOOS=linux GOARCH=amd64 go build -o main -ldflags="-s -w" cmd/server/main.go + +build_arm64: clean + @echo "Building Python lib for arm64" + CGO_ENABLED=1 GOOS=linux GOARCH=arm64 go build -o internal/core/runner/python/python.so -buildmode=c-shared -ldflags="-s -w" cmd/lib/python/main.go + @echo "Building Nodejs lib for arm64" + CGO_ENABLED=1 GOOS=linux GOARCH=arm64 go build -o internal/core/runner/nodejs/nodejs.so -buildmode=c-shared -ldflags="-s -w" cmd/lib/nodejs/main.go + @echo "Building main for arm64" + GOOS=linux GOARCH=arm64 go build -o main -ldflags="-s -w" cmd/server/main.go \ No newline at end of file From 314e6f2c561c11aa7432eca39c8dac5763e5d40f Mon Sep 17 00:00:00 2001 From: greycode Date: Sun, 28 Jul 2024 22:33:20 +0800 Subject: [PATCH 2/2] docs: update README --- README.md | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 40ae603..14f78f7 100644 --- a/README.md +++ b/README.md @@ -1,24 +1,28 @@ # Dify-Sandbox + ## Introduction + Dify-Sandbox offers a simple way to run untrusted code in a secure environment. It is designed to be used in a multi-tenant environment, where multiple users can submit code to be executed. The code is executed in a sandboxed environment, which restricts the resources and system calls that the code can access. ## Use + ### Requirements + DifySandbox currently only supports Linux, as it's designed for docker containers. It requires the following dependencies: + - libseccomp - pkg-config - gcc - golang 1.20.6 ### Steps + 1. Clone the repository using `git clone https://github.com/langgenius/dify-sandbox` and navigate to the project directory. -2. Run ./install.sh to install the necessary dependencies. -3. Run ./build/build_[amd64|arm64].sh to build the sandbox binary. -4. Run ./main to start the server. +2. Run `make` to build the sandbox library binaries. +3. Run `./main` to start the server. If you want to debug the server, firstly use build script to build the sandbox library binaries, then debug as you want with your IDE. - ## FAQ -Refer to the [FAQ document](FAQ.md) \ No newline at end of file +Refer to the [FAQ document](FAQ.md)